修正使用不合法的utf-8字符串导致的数据判断错误
joyqi committed Mar 12, 2014
1 parent f7cb1a1 commit 7ee9b8b
Showing 11 changed files with 90 additions and 94 deletions.
42 changes: 27 additions & 15 deletions var/Typecho/Common.php
Expand Up @@ -9,6 +9,8 @@
* @version $Id$
*/

define('__TYPECHO_MB_SUPPORTED__', function_exists('mb_get_info'));

/**
* Typecho公用方法
*
Expand Down Expand Up @@ -103,7 +105,7 @@ public static function __safePath($path)
* @param mixed $matches
* @static
* @access public
* @return void
* @return bool
*/
public static function __filterAttrs($matches)
{
Expand Down Expand Up @@ -242,20 +244,9 @@ function __autoLoad($className) {
*/
public static function exceptionHandle(Exception $exception)
{
//$obHandles = ob_list_handlers();

@ob_end_clean();

/*
if (in_array('ob_gzhandler', $obHandles)) {
ob_start('ob_gzhandler');
} else {
ob_start();
}
*/

if (defined('__TYPECHO_DEBUG__')) {
//@ob_clean();
echo nl2br($exception->__toString());
} else {
if (404 == $exception->getCode() && !empty(self::$exceptionHandle)) {
Expand All @@ -279,6 +270,7 @@ public static function exceptionHandle(Exception $exception)
public static function error($exception)
{
$isException = is_object($exception);
$message = '';

if ($isException) {
$code = $exception->getCode();
Expand Down Expand Up @@ -743,7 +735,7 @@ public static function subStr($str, $start, $length, $trim = "...")
$iLength = self::strLen($str) - $start;
$tLength = $length < $iLength ? ($length - self::strLen($trim)) : $length;

if (function_exists('mb_get_info')) {
if (__TYPECHO_MB_SUPPORTED__) {
$str = mb_substr($str, $start, $tLength, self::$charset);
} else {
if ('UTF-8' == strtoupper(self::$charset)) {
Expand All @@ -767,14 +759,34 @@ public static function subStr($str, $start, $length, $trim = "...")
*/
public static function strLen($str)
{
if (function_exists('mb_get_info')) {
if (__TYPECHO_MB_SUPPORTED__) {
return mb_strlen($str, self::$charset);
} else {
return 'UTF-8' == strtoupper(self::$charset)
? strlen(utf8_decode($str)) : strlen($str);
}
}

/**
* 检查是否为合法的编码数据
*
* @param string|array $str
* @return boolean
*/
public static function checkStrEncoding($str)
{
if (is_array($str)) {
return array_map(array('Typecho_Common', 'checkStrEncoding'), $str);
}

if (__TYPECHO_MB_SUPPORTED__) {
return mb_check_encoding($str, self::$charset);
} else {
// just support utf-8
return preg_match('//u', $str);
}
}

/**
* 生成缩略名
*
Expand All @@ -792,7 +804,7 @@ public static function slugName($str, $default = NULL, $maxLength = 128)
return $default;
}

if (function_exists('mb_regex_encoding')) {
if (__TYPECHO_MB_SUPPORTED__) {
mb_regex_encoding(self::$charset);
mb_ereg_search_init($str, "[\w" . preg_quote('_-') . "]+");
$result = mb_ereg_search();
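Review bot: `checkStrEncoding` returns an array, not a boolean, for array input (the `array_map` branch), so every caller that uses it as a predicate — the `array_filter` callbacks in Request.php's `__construct` and `setParams`, and the `if` in `setParam` — accepts any non-empty array regardless of its contents and silently drops empty ones; an invalid byte sequence inside `category[]` or `fieldValues[]` therefore passes the check this commit introduces. Returning true only when every element validates (recursively) makes the docblock's `@return boolean` accurate and makes the filters effective for array parameters. The fallback `preg_match('//u', $str)` yields `int|false`, so comparing it to `1` keeps the return type consistent across both branches.
```php
public static function checkStrEncoding($str)
{
    if (is_array($str)) {
        foreach ($str as $val) {
            if (!self::checkStrEncoding($val)) {
                return false;
            }
        }

        return true;
    }

    if (__TYPECHO_MB_SUPPORTED__) {
        return mb_check_encoding($str, self::$charset);
    }

    // just support utf-8
    return 1 === preg_match('//u', $str);
}
```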
111 changes: 44 additions & 67 deletions var/Typecho/Request.php
Expand Up @@ -7,6 +7,8 @@
* @version $Id$
*/

define('__TYPECHO_FILTER_SUPPORTED__', function_exists('filter_var'));

/**
* 服务器请求处理类
*
Expand All @@ -23,6 +25,13 @@ class Typecho_Request
*/
private $_params = array();

/**
* 参数是否已经处理过
*
* @var bool
*/
private $_paramsParsed = false;

/**
* 路径信息
*
Expand Down Expand Up @@ -95,6 +104,13 @@ class Typecho_Request
*/
private static $_instance = NULL;

/**
* 全部的http数据
*
* @var bool|array
*/
private static $_httpParams = false;

/**
* 当前过滤器
*
Expand Down Expand Up @@ -146,9 +162,10 @@ private function _applyFilter($value)
$value = is_array($value) ? array_map($filter, $value) :
call_user_func($filter, $value);
}

$this->_filter = array();
}

$this->_filter = array();
return $value;
}

Expand All @@ -160,9 +177,9 @@ private function _applyFilter($value)
*/
private function _checkIp($ip)
{
if (function_exists('filter_var')) {
return filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)
|| filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6);
if (__TYPECHO_FILTER_SUPPORTED__) {
return false !== (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)
|| filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6));
}

return preg_match("/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$/", $ip)
Expand All @@ -180,6 +197,17 @@ private function _checkAgent($agent)
return preg_match("/^[_a-z0-9- ,:;=#@\.\(\)\/\+\*\?]+$/i", $agent);
}

/**
* 初始化变量
*/
public function __construct()
{
if (false === self::$_httpParams) {
self::$_httpParams = array_filter(array_merge($_POST, $_GET),
array('Typecho_Common', 'checkStrEncoding'));
}
}

/**
* 设置过滤器
*
Expand Down Expand Up @@ -219,9 +247,8 @@ public function __get($key)
*/
public function __isset($key)
{
return isset($_GET[$key])
|| isset($_POST[$key])
|| $this->isSetParam($key);
return isset(self::$_httpParams[$key])
|| isset($this->_params[$key]);
}

/**
Expand All @@ -238,19 +265,16 @@ public function get($key, $default = NULL)
case isset($this->_params[$key]):
$value = $this->_params[$key];
break;
case isset($_GET[$key]):
$value = $_GET[$key];
break;
case isset($_POST[$key]):
$value = $_POST[$key];
case isset(self::$_httpParams[$key]):
$value = self::$_httpParams[$key];
break;
default:
$value = $default;
break;
}

$value = !is_array($value) && strlen($value) > 0 ? $value : $default;
return $this->_filter ? $this->_applyFilter($value) : $value;
return $this->_applyFilter($value);
}

/**
Expand All @@ -261,22 +285,11 @@ public function get($key, $default = NULL)
*/
public function getArray($key)
{
$result = array();

switch (true) {
case isset($_GET[$key]):
$result = $_GET[$key];
break;
case isset($_POST[$key]):
$result = $_POST[$key];
break;
default:
break;
}
$result = isset(self::$_httpParams[$key]) ? self::$_httpParams[$key] : array();

$result = is_array($result) ? $result
: (strlen($result) > 0 ? array($result) : array());
return $this->_filter ? $this->_applyFilter($result) : $result;
return $this->_applyFilter($result);
}

/**
Expand All @@ -298,21 +311,6 @@ public function from($params)
return $result;
}

/**
* 获取指定的http传递参数
*
* @access public
* @param string $key 指定的参数
* @param mixed $default 默认的参数
* @return mixed
*/
public function getParam($key, $default = NULL)
{
$value = isset($this->_params[$key]) ? $this->_params[$key] : $default;
$value = is_array($value) || strlen($value) > 0 ? $value : $default;
return $this->_filter ? $this->_applyFilter($value) : $value;
}

/**
* 设置http传递参数
*
Expand All @@ -323,31 +321,9 @@ public function getParam($key, $default = NULL)
*/
public function setParam($name, $value)
{
$this->_params[$name] = $value;
}

/**
* 删除参数
*
* @access public
* @param string $name 指定的参数
* @return void
*/
public function unSetParam($name)
{
unset($this->_params[$name]);
}

/**
* 参数是否存在
*
* @access public
* @param string $key 指定的参数
* @return boolean
*/
public function isSetParam($key)
{
return isset($this->_params[$key]);
if (Typecho_Common::checkStrEncoding($value)) {
$this->_params[$name] = $value;
}
}

/**
Expand All @@ -365,7 +341,8 @@ public function setParams($params)
$params = $out;
}

$this->_params = array_merge($this->_params, $params);
$this->_params = array_merge($this->_params,
array_filter($params, array('Typecho_Common', 'checkStrEncoding')));
}

/**
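Review bot: `setParam` now discards a value that fails `Typecho_Common::checkStrEncoding()` without any signal, and `setParams` drops such entries the same way through `array_filter`, so a caller that sets a parameter and reads it back gets the default with no diagnostic; the docblocks of both methods (the `setParam` docblock starts outside the hunk) should state this, e.g. `* Values that fail Typecho_Common::checkStrEncoding() are discarded without error.` Separately, in `_checkIp` the new `return false !== (filter_var(...) || filter_var(...));` wrapper is redundant, because `||` already yields a bool and `false !== bool` is that bool; either keep the previous expression or make each operand explicit, `return false !== filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) || false !== filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6);`. The removal of the public `getParam`, `unSetParam` and `isSetParam` methods also deserves a line in the commit message, since code outside this repository (plugins) may call them.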
5 changes: 2 additions & 3 deletions var/Typecho/Response.php
Expand Up @@ -142,7 +142,7 @@ public function setCharset($charset = null)
* 获取字符集
*
* @access public
* @return void
* @return string
*/
public function getCharset()
{
Expand Down Expand Up @@ -258,9 +258,8 @@ public function redirect($location, $isPermanently = false)
* 返回来路
*
* @access public
* @param string $anchor 附加地址
* @param string $suffix 附加地址
* @param string $default 默认来路
* @return void
*/
public function goBack($suffix = NULL, $default = NULL)
{
2 changes: 1 addition & 1 deletion var/Typecho/Widget/Helper/Form/Element/Hidden.php
Expand Up @@ -57,6 +57,6 @@ public function input($name = NULL, array $options = NULL)
*/
protected function _value($value)
{
$this->input->setAttribute('value', $value);
$this->input->setAttribute('value', htmlspecialchars($value));
}
}
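Review bot: `htmlspecialchars($value)` relies on the default flags and charset, which on the PHP versions this codebase still supports (it guards `mb_*` and `filter_var` with `function_exists`) means single quotes are not escaped and the assumed charset differs before 5.4; if the attribute is ever emitted single-quoted, a `'` in `$value` breaks out of it. On 5.4+ an invalid UTF-8 `$value` additionally makes `htmlspecialchars` return an empty string with no error, which is precisely the input class this commit is about. Passing the context explicitly, `htmlspecialchars($value, ENT_QUOTES, 'UTF-8')` (or the configured charset), removes both ambiguities; the same one-line change appears in Password.php, Text.php and Textarea.php. Whether `setAttribute` (and `html` in Textarea.php) already escape their argument is not visible here — if they do, this double-encodes and the escaping should live in one place only.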
2 changes: 1 addition & 1 deletion var/Typecho/Widget/Helper/Form/Element/Password.php
Expand Up @@ -47,6 +47,6 @@ public function input($name = NULL, array $options = NULL)
*/
protected function _value($value)
{
$this->input->setAttribute('value', $value);
$this->input->setAttribute('value', htmlspecialchars($value));
}
}
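Review bot: Escaped or not, this line writes the submitted value back into the page as the input's `value` attribute; assuming `input()` (outside the hunk) renders a password field, the password then appears in the HTML response and in anything that caches or logs it. For a password element `_value` normally leaves the attribute empty and requires re-entry, so consider `$this->input->setAttribute('value', '');` here, or if echoing is deliberate (e.g. a pre-filled secret shown to an admin), a comment on this line saying so, `// intentionally echoed: …` with the reason, so the next reader does not "fix" it.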
2 changes: 1 addition & 1 deletion var/Typecho/Widget/Helper/Form/Element/Text.php
Expand Up @@ -48,6 +48,6 @@ public function input($name = NULL, array $options = NULL)
*/
protected function _value($value)
{
$this->input->setAttribute('value', $value);
$this->input->setAttribute('value', htmlspecialchars($value));
}
}
2 changes: 1 addition & 1 deletion var/Typecho/Widget/Helper/Form/Element/Textarea.php
Expand Up @@ -47,6 +47,6 @@ public function input($name = NULL, array $options = NULL)
*/
protected function _value($value)
{
$this->input->html($value);
$this->input->html(htmlspecialchars($value));
}
}
9 changes: 7 additions & 2 deletions var/Widget/Contents/Post/Edit.php
Expand Up @@ -92,7 +92,11 @@ protected function getFields()
$fields = array();

if (!empty($this->request->fieldNames)) {
$data = $this->request->from('fieldNames', 'fieldTypes', 'fieldValues');
$data = array(
'fieldNames' => $this->request->getArray('fieldNames'),
'fieldTypes' => $this->request->getArray('fieldTypes'),
'fieldValues' => $this->request->getArray('fieldValues')
);
foreach ($data['fieldNames'] as $key => $val) {
if (empty($val)) {
continue;
Expand Down Expand Up @@ -701,8 +705,9 @@ public function setCategories($cid, array $categories, $beforeCount = true, $aft
public function writePost()
{
$contents = $this->request->from('password', 'allowComment',
'allowPing', 'allowFeed', 'slug', 'category', 'tags', 'text', 'visibility');
'allowPing', 'allowFeed', 'slug', 'tags', 'text', 'visibility');

$contents['category'] = $this->request->getArray('category');
$contents['title'] = $this->request->get('title', _t('未命名文档'));
$contents['created'] = $this->getCreated();

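Review bot: The three `getArray` calls in `getFields` now produce independent arrays that the following `foreach` presumably indexes in parallel by `$key` (the loop body continues outside the hunk); `getArray` returns `array()` for a missing parameter, so a request carrying `fieldNames` but no `fieldTypes` or `fieldValues` would read undefined offsets unless the loop guards them, which is not visible here. If it does not, a one-line guard at the top of the loop body, `if (!isset($data['fieldTypes'][$key], $data['fieldValues'][$key])) { continue; }`, keeps a malformed form post from producing notices. A short comment above the `$data` array, `// parallel arrays: fieldNames[i] pairs with fieldTypes[i] and fieldValues[i]`, would also make the invariant explicit.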
4 changes: 3 additions & 1 deletion var/Widget/Options/Discussion.php
Expand Up @@ -183,9 +183,11 @@ public function updateDiscussionSettings()
$this->response->goBack();
}

$settings = $this->request->from('commentDateFormat', 'commentsListSize', 'commentsShow', 'commentsPost', 'commentsPageSize', 'commentsPageDisplay', 'commentsAvatar',
$settings = $this->request->from('commentDateFormat', 'commentsListSize', 'commentsPageSize', 'commentsPageDisplay', 'commentsAvatar',
'commentsOrder', 'commentsMaxNestingLevels', 'commentsUrlNofollow', 'commentsPostTimeout', 'commentsUniqueIpInterval', 'commentsWhitelist', 'commentsRequireMail', 'commentsAvatarRating',
'commentsPostTimeout', 'commentsPostInterval', 'commentsRequireModeration', 'commentsRequireURL', 'commentsHTMLTagAllowed', 'commentsStopWords', 'commentsIpBlackList');
$settings['commentsShow'] = $this->request->getArray('commentsShow');
$settings['commentsPost'] = $this->request->getArray('commentsPost');

$settings['commentsShowCommentOnly'] = $this->isEnableByCheckbox($settings['commentsShow'], 'commentsShowCommentOnly');
$settings['commentsMarkdown'] = $this->isEnableByCheckbox($settings['commentsShow'], 'commentsMarkdown');
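Review bot: `'commentsPostTimeout'` is listed twice in the `from()` argument list, at the end of the second line and the start of the third (both unchanged context in this hunk); presumably `from()` keys its result by name so the duplicate is harmless, but it reads as a paste error and the rewrite of this call is the natural moment to drop one occurrence. Since `commentsShow` and `commentsPost` are now fetched with `getArray`, they arrive as `array()` rather than a scalar when the checkboxes are unchecked, so `isEnableByCheckbox` (outside the hunk) should be confirmed to accept an empty array.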